I am getting this exception when deploying an application I have running ok on GlassFish v3. It uses CDI Named beans and JDBC authentication, so I've configured a security domain in login-config.xml with org.jboss.security.auth.spi.DatabaseServerLoginModule module.

The conversation context is assoicated in the WeldListener.requestInitialized and activated in the WeldPhaseListener.activateConversations() so it must be some lifecycle-thingie. Not quite sure how the JSF (activate) would be called but not the Servlet (associate). Is there any code to share or does this happen "behind the scenes"?

It would be handy to have some minimal application that could be attached to a JIRA. My guess is that there is some redirection going on that starts a new thread but the association is skipped the second time. Perhaps there would be some place in the form authentication code that could be used for activating the contexts once more...

Well there is a workaround actually. Assuming everyone experiencing this problem is using JSF, JBoss 6 and and a CDI Activated web-app with form authentication:

instead of using login and loginError pages xhtml style, simply use plain old deprecated JSPs for form login / loginError pages.

Use xhtml with JSF for all the rest. Works pretty well for me. One major drawback is, that you cant use any existing JSF templates in your login.jsp - I had to fake the template to make it look like the rest of the app.

I really dont know why JBOSS developers arent fixing this. A EJB 3.1 Glassfish container has been around for some time longer than JBOSS 6 and it doesn't have any of theses problems.